When secure pages is enabled, the content template module) admin page shows blank
| Project: | Secure Pages |
| Version: | 6.x-1.7-beta2 |
| Component: | User interface |
| Category: | bug report |
| Priority: | normal |
| Assigned: | Unassigned |
| Status: | active |
Jump to:
I installed secure pages on Drupal 6.3 and secured the admin and user pages. It works very well except with the content template module. I have installed content template (contemplate) module 6.x-1.0 and when I go to the content template admin page, for certain content types, the screen goes blank - a classic sign of some modules throwing PHP fatal error. The httpd error log shows the following log:
[Sat Jan 03 06:45:45 2009] [error] [client 74.183.226.27] PHP Fatal error: Cannot use object of type stdClass as array in /var/www/html/drupal/sites/all/modules/securepages/securepages.module on line 187, referer: https://www.mycarqna.com/admin/content/templates
The problem seems to be in the elseif part of the following code segment:
foreach ($links as $module => $link) {
if ($link['href']) {
$page_match = securepages_match($link['href']);
if ($page_match && !securepages_is_secure()) {
$links[$module]['href'] = securepages_url($link['href'], array('secure' => TRUE));
}
elseif ($page_match === 0 && securepages_is_secure() && variable_get('securepages_switch', FALSE)) {
$links[$module]['href'] = securepages_url($link['href'], array('secure' => FALSE));
}
}
}
}
I commented out the elseif part of the statement and the pages came up successfully but I dont know what I broke by commenting out. I am thinking this is a bug.
#1
This is actually not an issue with secure pages. The biggest difference between secure pages and any other module which implements hook_link_alter() is that secure pages alters any type of links. this does not just include node/comment but anything.
What is happening is that another module that implements hook_link() is returning an object.
if you look at any that are passing in objects and see what module is doing this. This other module is not implementing the api correctly.
I am actually also thinking of implementing the link alter via custom_url_rewrite_outbound() which will rewrite all urls on the site, so you don't have to do the switch if you connect not in the correct way.
#2
i think it can be fixed temporarily by adding a type check there and bail out if theres an object involved instead of the expected array, if indeed the other modules are breaking the api (someone should let them know too)
you can also fix it by listing in "Ignore pages:" textarea at securepages settings, the url of the affected page, im using "admin/content/templates/*"
now when you click the contemplate link with the problem, you will get a blank page over https, simply edit the link to be "http" and it will work, it does for me, this would also expose your admin session cookie without ssl (i think)
#3
How in the world would you know what the offending module was? I am using around 115 modules. I did a grep for hook_link in sites/all/modules and of course thats way too many to figure out who is in the wrong.
If this function is only explicitly expecting an array, the kind thing to do would be to add a check and only execute the code if it is in fact an array and not an object. Then log what was trying to pass in the object.
I am thinking maybe Panels 2 or CDN, since the site I was testing on does not use CDN, and has Panels 3. This is the only difference I can think of between local and live versions of the site, and it appeared to work great locally.